OWASP Guadalajara

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Objective: Present to IT Developers the .NET Framework built in features to protect .NET Web Applications and take advantage of them to avoid the most common attacks,

BIO: Raul Villavicencio is a Developer/hands on Software Development Life Cycle based in Guadalajara Jalisco. His career span over 6 years including BA Continnum Mexico, Softtek, Jatco Mexico, Nissan Mexicana, Intramart and as Independent Consultant, Education includes Bachelor in Computational Systems Engineering from Universidad Autonoma de Aguascalientes, Microsoft Technology Specialist/Microsoft Professional Developer on ASP.NET 3.5.

OWASP Guadalajara was invited by Software Guru magazine to participate in one of the most important events for developers in Mexico "Software Guru Conference and Expo 2012". We participated by presenting the topic "OWASP Top 10 Web Application Vulnerabilities". It was a great opportunity to meet with developers and professionals from the IT industry in Mexico but most important, to continue spreading the OWASP word and objective among developers, making them aware about the main risks and vulnerabilities that can be found on web applications as well as the main countermeasures that can prevent those vulnerabilities of being presented on their Web Apps.

We also had the opportunity to talk about the ESAPI and AppSensor OWASP projects and the benefits to implement them; moreover, we discussed about the various OWASP cheat sheets and OWASP Development guides. The audience was very interested and the time was not enough to continue talking about these topics. At the end, they were satissfied with the information provided and the links where they can find all resources needed to build secure applications. The raing of our speech was rated with 4.25/5; being 5 the highest grade!

Jaime Olmos de la Cruz—IPv6 Task Force Mexico
IPv6 Task Force Mexico is by definition a National community integrated by engineers, network designers, operators, ISPs, investigators, students and volunteers motivated to archive a common goal, the development and deploy of networks aware of IPv6 protocol.

Description: We will review two of the most common Web Application Attacks and Countermeasures for SQL Injection and Cross-Site Scripting (XSS) by using PAROS and WebGoat.

It was a great experience sharing this time with the students from the Faculty of Engineering of "Universidad de Guadalajara". We had the opportunity to teach the main concepts of SQL injection and Cross-Site Scripting. In addition, they had the chance to practice these concepts by using WebGoat and Paros in conjuction with the OWASP Cheat Sheets.

They showed interest at all time and we had a successfull session. All of them were really excited to know new techniques on Application Security. Be aware of our next event that will be held on April. We will keep you posted!

As mentioned during the meeting, we will encourage you to bring your laptops in order to give each of you the opportunity to perform and to practice the excercises as well as to clarify all technical questions you may have.